You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Vassilis Virvilis <v....@biovista.com> on 2009/03/27 10:53:59 UTC
HTTPS: custom keystore: regression in 2.2 from 2.1.3
Hi everybody,
I have the following regression in https usage. My previous setup in 2.1.3 was working correctly with a custom keystore in resources. My cxf.xml was like this
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xsi:schemaLocation="http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<http:conduit name="{http://lib.biovista.com/}UserSessionManagerPort.http-conduit">
<http:tlsClientParameters secureSocketProtocol="SSL">
<sec:trustManagers>
<sec:keyStore resource="resources/keystore.jks" />
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
<http:client Connection="Keep-Alive"/>
</http:conduit>
</beans>
With 2.2 cxf doesn't pickup the correct keystore. It uses JRE's original keystore. Has something changed? Can I work around the problem?
If you think this is a good idea I will make a JIRA out of this post.
Regards
.bill
Re: JAXWS Asynchronous consumption of webservice
Posted by Daniel Kulp <dk...@apache.org>.
On Mon March 30 2009 2:33:25 pm Rao, Sameer V wrote:
> Thanks Dan,
>
> So does it mean that the default WorkQueue used by the Bus is registered
> with the container's mbean server?
It is, kind of. :-)
The workqueue isn't created until the first time it's needed. Thus, if you
just startup the process, it won't be there in the jmx view. However, once a
service that needs it accesses it, it will appear.
Dan
>
>
> -----Original Message-----
> From: Daniel Kulp [mailto:dkulp@apache.org]
> Sent: Monday, March 30, 2009 1:02 PM
> To: users@cxf.apache.org
> Cc: Rao, Sameer V
> Subject: Re: JAXWS Asynchronous consumption of webservice
>
> On Mon March 30 2009 1:21:32 pm Rao, Sameer V wrote:
> > Per the JAXWS specs, a service can be consumed asynchronously
> > (SOAP/HTTP). In this case WSDL2Java generates the required code in
> > Service Interface (i.e. Future<>.
> >
> > I am not able to figure out how to configure CXF to use a specific
> > ThreadPool or Does CXF internally manage the ThreadPool and also
> > register the pool with the JEE container? I am using CXF in JBoss, and
> > per JEE App container standard applications should not create/spawn
> > threads as they are not visible to he container. Does CXF handle this
> > internally or should applications (consumers) need to handle
>
> ThreadPool
>
> > stuff?
>
> By default, CXF should use the WorkQueue on the Bus. We have a default
> one
> configured in for that.
>
> The Service class (that the generated serviced objects extend) has a
> "setExecutor" method on it that can be used to set a specific executor
> that is
> used if you don't want to use our default one.
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
RE: JAXWS Asynchronous consumption of webservice
Posted by "Rao, Sameer V" <SR...@amfam.com>.
Thanks Dan,
So does it mean that the default WorkQueue used by the Bus is registered
with the container's mbean server?
-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org]
Sent: Monday, March 30, 2009 1:02 PM
To: users@cxf.apache.org
Cc: Rao, Sameer V
Subject: Re: JAXWS Asynchronous consumption of webservice
On Mon March 30 2009 1:21:32 pm Rao, Sameer V wrote:
> Per the JAXWS specs, a service can be consumed asynchronously
> (SOAP/HTTP). In this case WSDL2Java generates the required code in
> Service Interface (i.e. Future<>.
>
> I am not able to figure out how to configure CXF to use a specific
> ThreadPool or Does CXF internally manage the ThreadPool and also
> register the pool with the JEE container? I am using CXF in JBoss, and
> per JEE App container standard applications should not create/spawn
> threads as they are not visible to he container. Does CXF handle this
> internally or should applications (consumers) need to handle
ThreadPool
> stuff?
By default, CXF should use the WorkQueue on the Bus. We have a default
one
configured in for that.
The Service class (that the generated serviced objects extend) has a
"setExecutor" method on it that can be used to set a specific executor
that is
used if you don't want to use our default one.
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
Re: JAXWS Asynchronous consumption of webservice
Posted by Daniel Kulp <dk...@apache.org>.
On Mon March 30 2009 1:21:32 pm Rao, Sameer V wrote:
> Per the JAXWS specs, a service can be consumed asynchronously
> (SOAP/HTTP). In this case WSDL2Java generates the required code in
> Service Interface (i.e. Future<>.
>
> I am not able to figure out how to configure CXF to use a specific
> ThreadPool or Does CXF internally manage the ThreadPool and also
> register the pool with the JEE container? I am using CXF in JBoss, and
> per JEE App container standard applications should not create/spawn
> threads as they are not visible to he container. Does CXF handle this
> internally or should applications (consumers) need to handle ThreadPool
> stuff?
By default, CXF should use the WorkQueue on the Bus. We have a default one
configured in for that.
The Service class (that the generated serviced objects extend) has a
"setExecutor" method on it that can be used to set a specific executor that is
used if you don't want to use our default one.
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
JAXWS Asynchronous consumption of webservice
Posted by "Rao, Sameer V" <SR...@amfam.com>.
Per the JAXWS specs, a service can be consumed asynchronously
(SOAP/HTTP). In this case WSDL2Java generates the required code in
Service Interface (i.e. Future<>.
I am not able to figure out how to configure CXF to use a specific
ThreadPool or Does CXF internally manage the ThreadPool and also
register the pool with the JEE container? I am using CXF in JBoss, and
per JEE App container standard applications should not create/spawn
threads as they are not visible to he container. Does CXF handle this
internally or should applications (consumers) need to handle ThreadPool
stuff?
Thanks,
Sam
Re: HTTPS: custom keystore: regression in 2.2 from 2.1.3
Posted by Vassilis Virvilis <v....@biovista.com>.
On Friday 27 March 2009, Daniel Kulp wrote:
>
> If you CAN make a JIRA with a test case, that would be great. Would
> definitely help debugging it.
>
> For a workaround, you could try using the URL for the name:
>
>
> <http:conduit
> name="https://foo.com.*">
> <http:tlsClientParameters secureSocketProtocol="SSL">
> .....
> </http:conduit>
>
> (the .* is a pattern match for everything at http://foo.com)
Hi Dan,
Please ignore / forget about this issue. My testing was incomplete and wrong.
The problem was that the cxf.xml was not being picked up and the reason for that was the absence of the spring libraries.
The following code did the trick
I have added the JIRA and then closed it.
So this is a non issue. Sorry for the noise
.bill
Re: HTTPS: custom keystore: regression in 2.2 from 2.1.3
Posted by Daniel Kulp <dk...@apache.org>.
If you CAN make a JIRA with a test case, that would be great. Would
definitely help debugging it.
For a workaround, you could try using the URL for the name:
<http:conduit
name="https://foo.com.*">
<http:tlsClientParameters secureSocketProtocol="SSL">
.....
</http:conduit>
(the .* is a pattern match for everything at http://foo.com)
Dan
On Fri March 27 2009 5:53:59 am Vassilis Virvilis wrote:
> Hi everybody,
>
> I have the following regression in https usage. My previous setup in 2.1.3
> was working correctly with a custom keystore in resources. My cxf.xml was
> like this
>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:sec="http://cxf.apache.org/configuration/security"
> xmlns:http="http://cxf.apache.org/transports/http/configuration"
> xsi:schemaLocation="http://cxf.apache.org/configuration/security
> http://cxf.apache.org/schemas/configuration/security.xsd
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd">
>
> <http:conduit
> name="{http://lib.biovista.com/}UserSessionManagerPort.http-conduit">
> <http:tlsClientParameters secureSocketProtocol="SSL">
> <sec:trustManagers>
> <sec:keyStore resource="resources/keystore.jks" />
> </sec:trustManagers>
> <sec:cipherSuitesFilter>
> <sec:include>.*</sec:include>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
> </sec:cipherSuitesFilter>
> </http:tlsClientParameters>
> <http:client Connection="Keep-Alive"/>
> </http:conduit>
>
> </beans>
>
> With 2.2 cxf doesn't pickup the correct keystore. It uses JRE's original
> keystore. Has something changed? Can I work around the problem?
>
> If you think this is a good idea I will make a JIRA out of this post.
>
> Regards
>
> .bill
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog